We have been thinking about this for a long time. Not as a thought experiment, but as a genuine, structural problem that sits underneath almost everything people and organisations have built on the internet. The problem is this: most people believe they own their domain. They do not. They rent it. And the consequences of that distinction — quiet, invisible, easy to ignore for years — can be catastrophic the moment the lease lapses.

This post is not about fear. It is not a warning designed to make you anxious about something that might never happen to you. It is about something more fundamental: the structural argument for why digital addresses — real ones, meaningful ones, addresses that represent a person or a place or a business or a community — should belong to the people who hold them, permanently and without condition. If we understand what the rented model actually does to people when it fails, then the case for permanent ownership writes itself.

So let us walk through it. What actually happens when a domain expires? What happens to the business, the family, the institution, the individual who built something real on top of a rented address and then, for one of a hundred entirely ordinary reasons, missed the renewal?

The model we inherited

When the web was being built, the domain registration system was designed for a particular moment in time. The internet was new. The assumption was that domain names were technical addresses — temporary conveniences, not lasting identities. Registration periods were set to expire annually. The infrastructure was designed around a cycle of renewal. Pay every year, keep your name. Stop paying, lose it. The logic made sense in context.

What nobody fully anticipated was that these addresses would become, over time, something far more significant. They would become the front door of businesses. The professional identity of practitioners. The contact point for families, communities, schools, charities, and cultural institutions. They would become the address on a million pieces of printed collateral — the business card, the signage, the embroidered polo shirt, the email footer, the listing in every directory anyone ever updated. They would become something people trusted and relied on, something that carried years of accumulated meaning.

And yet the underlying model never changed. Domains aren’t digital properties that users own when purchased; instead, they function under a registration cycle that requires periodic renewal. The clock has been ticking from the moment every domain was ever registered. The question has always been: what happens when it runs out?

The anatomy of an expiry

Most people imagine that a domain expiry is a clean, obvious event. The domain lapses, a notification arrives, you renew it, and everything goes back to normal. The reality is considerably messier, and the system is far less forgiving than most people assume.

When a domain passes its renewal date, it doesn’t vanish immediately. Instead, it enters an expiration phase managed by your registrar. During this stage, the domain typically goes offline or redirects to a parking page. The owner still has a chance to renew it, usually without penalty, but the window is short.

That is the first stage. Your website stops resolving. Your email — the email address you have given to clients, colleagues, schools, doctors, government departments, every contact you have ever made in a professional capacity — stops working. When a domain name expires, your domain services will stop working. This includes your website, as well as any other services connected to your domain name, such as your business email. Everything that depends on that name goes dark simultaneously.

Then, if you miss the grace period, things get worse. After the grace period expires, the domain usually enters the Redemption Grace Period (RGP). This is a final recovery phase where the owner can still reclaim the domain, but it comes with additional fees imposed by the registry. During redemption, the domain is removed from the active zone file, meaning it no longer resolves to a website or email service.

And if you miss that window too? The expired domain will typically be marked “Pending Delete” in WHOIS and can no longer be redeemed. Once expired domain names are marked Pending Delete, there’s no turning back — the domain will be released by the registry and may be lost forever.

After deletion, the domain is released back into the pool of unregistered names and becomes available for anyone to register on a first-come, first-served basis. High-value domains are often claimed instantly through backorder services that monitor and acquire them the moment they drop.

This is the moment the real damage begins.

What it means for a business

Think about what a business actually builds on a domain over years of operation. The domain is the address every customer has ever used to find them. It is the root of every email address that has ever appeared in a contract, an invoice, a correspondence. It is indexed across every directory listing, review platform, and social profile. It is printed on physical materials that cannot be recalled or updated overnight. It is embedded in the memory and habits of loyal customers who type it directly into a browser without thinking.

Search engines tie years of ranking signals — like backlinks, indexed pages, and domain authority — to an active domain. Those signals represent real effort: the articles written, the products listed, the reviews accumulated, the links earned from other sites across years of genuine work. When a domain expires and is released, if the domain is released and re-registered, even by the same owner, it starts over with no crawl history, active backlinks, or ranking signals until search engines recrawl and reindex the site.

Years of work, gone.

But the commercial damage, real as it is, is often the least personal part of what happens. Think about the signals that a lapsed domain sends to the people who depend on a business. If your website is no longer available due to expired domain registration, customers may perceive your brand as unprofessional or unreliable. They may even assume the business has shut down, which can damage your reputation.

That perception — the assumption that you have closed — can persist long after the domain is recovered. Customers who tried to reach you and got nothing may not try again. They may have already found someone else. The damage is done quietly, in the gap where your presence should have been, and you may never fully know how many people turned away during the outage.

What it means for an individual

The domain expiry problem is not only a commercial one. We think about the individual — the sole trader, the freelancer, the artist, the writer, the consultant — who has built their professional reputation around a personal domain. For them, the stakes are just as high, and the recovery is often harder.

A professional domain is, in many respects, a person’s digital credential. It is the address on proposals. It is linked from their profiles, their publications, their submissions. It is what clients and collaborators type when they want to verify that someone is who they say they are. When that domain lapses, the credential disappears. What replaces it, in the eyes of anyone who tries to access it, is either a blank page, a parking page full of advertising, or — worst of all — something that someone else has placed there in its stead.

There is an entire industry built around capturing lapsed domains. Monitoring domains held by companies or individuals that are set to soon expire is a standard tactic, so that the domain may be acquired the moment it lapses. The dates of expiry may be collected on a single data ingestion framework for domain squatters to scour for targets. These systems are automated. They run continuously. They are not waiting to see whether you simply forgot to renew — they are ready to capture your name the moment it becomes available, and they will do so before any human could reasonably react.

When a name with a professional history behind it falls into the hands of a squatter, the outcome can be bewildering. Squatters register soon-to-expire domains to prevent the previous owner from renewing them, then demand payment to return the domain. You can find yourself in a negotiation — often with an anonymous party, often without meaningful legal leverage — over an address that was yours, that you built, that your reputation depends on. And you may end up paying substantially more to recover it than you would have paid to keep it in the first place.

The phishing problem

This is where domain expiry moves from commercial loss and personal inconvenience into something with real harm. When an expired domain is acquired by someone with malicious intent, the accumulated trust of the original owner becomes a weapon.

A domain’s history, backlinks, and brand equity can be weaponized if it falls into the wrong hands. Cybercriminals often re-register expired domains to impersonate brands, launch phishing campaigns, or host malicious content. These activities erode customer trust and can take months to detect and repair.

Think carefully about what that means. The email address that your customers have saved in their contacts — the one they trust implicitly, the one they have received legitimate correspondence from for years — can be used to reach them with fraudulent content the moment someone else takes control of the domain. These domains can be designed to look and feel like the real brand, often copying layouts, logos and messaging. They’re commonly used in phishing emails, fake login pages and payment scams, putting customers directly at risk.

And here is the part that makes this particularly troubling: the damage lands on your customers, but your name bears it. Should customers end up tricked by these domains, they may end up having their personal data stolen. Even though it isn’t your company’s fault, many customers will blame your brand anyway, and your brand reputation can be irreparably tarnished.

You did nothing wrong. You simply forgot to renew a lease.

The forgotten infrastructure

We need to talk about why people forget, because the common framing — that domain expiry is a failure of individual responsibility — misses something important about how this system works in practice.

Renewal reminders go to an email address. Usually the email address that was active when the domain was first registered. For a business that has been operating for years, that original address may belong to a person who no longer works there, or to a role that no longer exists, or to an email account on the very domain that is about to expire — which means the warning arrives at the address that will stop functioning the moment the warning is ignored. As your domain’s expiration date approaches, your registrar will likely send you reminder emails explaining the deadline for renewal. If you miss these emails for any reason, you may not remember to renew your domain in time. One of the most common reasons you may not see a renewal email is that the emails go to your spam folder.

There are also card expiries to contend with. When you sign up for auto-renewal, your domain services provider will automatically charge your connected card or bank account for the cost of the renewal. But if your billing details aren’t up to date, the payment may not go through, leading to a lapsed registration.

And there is the simple, human reality of organisational change. A business that registered its domain ten years ago may have changed ownership, changed management, restructured, merged, or simply grown to the point where nobody clearly remembers who is responsible for the renewal. A charity that has run for decades may have rotated through many boards and many administrators, each one assuming someone else is handling the digital infrastructure. A family business may pass from parents to children without any formal transition of the administrative accounts that keep the digital address alive.

These are not stories of negligence. They are stories of the ordinary complexity of lives and institutions, colliding with a system that requires perfect, perpetual administrative attention as the price of keeping a name.

The institutional dimension

We think often about institutions when we think about this problem, because the consequences can be the most far-reaching and the hardest to reverse.

Consider a school. It has operated under the same name for generations. Its domain is the address used by current parents, former students, accrediting bodies, employers checking qualifications, and archives of every kind. The domain is embedded in documents that will be referenced for decades. When an institutional domain lapses — through a budget oversight, through a staff transition, through a failed automated payment — the loss is not just operational. It is historical.

Or consider a community organisation. A local sports club. A neighbourhood association. A cultural group. These organisations often run on volunteer labour and minimal administrative infrastructure. Nobody’s job description includes “monitor domain renewal.” It is the kind of task that falls between the gaps of responsibility in organisations like these, noticed only when it is too late.

An expired domain signals mismanagement. Even if responsibility is shared, the reputational harm is real when people experience preventable outages. For a community organisation that depends on public trust and participation, that signal can be devastating.

And there is something even more troubling at the institutional level, which is the question of the historical record. Organisations publish. They communicate. They create documents that are shared and referenced and archived. When the address that anchors that body of work disappears, the links that point to it break. The trail of references goes cold. The institutional memory that was encoded in a digital presence begins to decay, not because the content was lost, but because the address no longer resolves to anything that exists.

The geography of what gets lost

We want to be specific about what kinds of things people stand to lose, because a general statement about “digital presence” understates the real texture of it.

Email is usually the first thing to break, and it breaks silently. Messages sent to an address on an expired domain do not bounce immediately in all configurations — they may simply disappear. The sender receives no error. The recipient never knows. The conversation just stops. For a business, this can mean missed enquiries, missed orders, missed correspondence with suppliers or regulators or partners. For an individual, it can mean missed opportunities, missed communications, missed trust.

The website going offline is more visible, but the invisibility of its consequences can be just as damaging. A potential customer who cannot reach a site does not wait. They search for an alternative. They may find one. The transaction that would have happened does not happen, and you never know it was on the table.

The SEO damage runs deep and lasts long. Search engines tie years of ranking signals — like backlinks, indexed pages, and domain authority — to an active domain. During domain renewal grace or redemption periods, that equity isn’t entirely lost; rankings may dip while the site is offline, but most signals can recover within days or weeks once the domain and DNS are restored. But that window is narrow. Deletion is the point of no return — if the domain is released and re-registered, even by the same owner, it starts over with no crawl history, active backlinks, or ranking signals until search engines recrawl and reindex the site.

Then there is the secondary damage: the broken links on every other site that ever referenced yours. Every citation, every recommendation, every directory listing, every press mention that linked to your domain now leads somewhere else — or nowhere at all. That residual network of references, built up over years of genuine activity, cannot be reclaimed by recovering the domain. It must be rebuilt, one relationship at a time, and it may never be fully restored.

The market that preys on this

There is a market — a well-organised, efficiently automated, highly profitable market — built entirely around capturing the value that people lose when their domains expire.

It operates on multiple levels. At the lower end, there are backorder services that monitor expiring domains and attempt to register them the moment they are released. This is legal, and in some contexts it is neutral. But the same infrastructure serves actors with more pointed intentions.

If a domain expires and is not renewed promptly, cybercriminals or competitors may take the opportunity to re-register it. This practice, known as domain hijacking, involves claiming expired domains with the intention of selling them back to the original owner for a significant profit or using them for malicious purposes.

In some cases, expired domains may be auctioned off. There are platforms that provide a marketplace for expired domains, where individuals and businesses can bid to secure valuable domains that are no longer owned by the original registrant. Some companies specialise in acquiring and reselling expired domains. These brokers often buy expired domains in bulk and then sell them at a profit, sometimes to businesses looking for domains with existing traffic or SEO value.

The domain you spent years building equity in is, from the market’s point of view, a free asset the moment your lease lapses. Its history, its reputation, its traffic, the trust accumulated through years of use — all of this becomes available to whoever claims it first. The system does not distinguish between someone who built a thing and someone who simply wants to profit from the thing that was built. When the clock runs out, everything is equal.

The language we use

We notice that the language used to describe this system almost always places the responsibility entirely on the registrant. “You must renew.” “Set up auto-renewal.” “Keep your payment details up to date.” “Monitor your expiry dates.” The framing is: this is a perfectly designed system, and any harm that results from it is the consequence of individual failure to maintain appropriate administrative vigilance.

We want to push back on that framing, gently but clearly.

The underlying problem is not that people forget things. The underlying problem is that a system designed for a moment in history when domains were temporary technical addresses has been inherited, largely unchanged, by a world in which those addresses are permanent civic and commercial identities. The system was not designed for what it has become. And the people who depend on it — the small business owner, the independent practitioner, the community organisation, the family — did not sign up to be expert domain administrators. They signed up, in effect, to have a name.

That is what they wanted. A name. A place. An address that is theirs.

The annual renewal model does not deliver that. It delivers a name that is theirs until it is not. It delivers an address that is theirs conditional on perpetual administrative compliance with a system that is, in practice, fragile in the specific ways that human life is fragile: we change jobs, we change cards, we change email addresses, we get sick, we have too much to do, we trust that something is taken care of when it is not.

What permanent ownership actually means

When we talk about permanent onchain addresses — addresses that are owned once, for life, with no renewal and no expiry — we are not making a narrow technical argument. We are making an argument about what it means to own something.

Physical addresses do not expire. If you own a building, the street address does not lapse because you forgot to pay an annual fee. The address is yours for as long as the building stands, and the continuity of that address is a foundational piece of the social and commercial infrastructure of the place it sits in. People can find you. Mail reaches you. Records reference you. The permanence of the address is part of what makes it useful.

There is no structural reason why a digital address should be different. The argument that domains must expire to prevent hoarding is a policy argument dressed up as a technical necessity — it reflects choices made at a particular time about how to manage scarcity in a new system, not a law of nature. The scarcity argument applied in a different era, when the namespace was genuinely constrained in ways that felt meaningful. The namespace is vast. And for addresses that are tied to genuine places, real communities, specific locations in the world, the hoarding argument loses most of its force anyway. You cannot hoard a place you actually inhabit.

What permanent ownership provides is not just the absence of expiry. It is something more important: the removal of an entire category of risk. When an address cannot expire, the failure modes we have been describing in this post simply do not exist. There is no lapse. There is no grace period. There is no redemption window. There is no moment at which an automated system can capture something that was yours and sell it to someone else. There is no market for dropped names, because names do not drop.

The business that registered a permanent address does not need to remember to renew it. The sole trader does not need to update their payment details with a registrar. The community organisation does not need to assign someone the job of monitoring expiry dates. The school does not need to worry that an administrative oversight will sever its digital history from its institutional identity. The address is simply theirs, continuously, for as long as they want it.

That is what ownership means. Not a lease. Not a subscription. Not a conditional entitlement that persists only as long as you maintain flawless administrative hygiene. Ownership.

The trust that permanence creates

There is a secondary argument here that we find equally compelling, which is about what permanence does to the quality of trust between an address and the people who rely on it.

When a domain can expire, the people who interact with it are, implicitly, in a relationship with the registrant’s administrative competence. Every time they click a link, send an email, or navigate to a site, they are implicitly relying on the domain owner to have remembered to pay their annual fee. That is a tenuous foundation for trust.

When an address is permanent, this fragility disappears. An onchain address that belongs to its holder for life does not depend on a registrar’s renewal system, a payment card that remains valid, an email notification that reaches the right inbox, or the continued operation of a particular registrar as a going concern. The continuity of the address is structural, not administrative. It is written into the infrastructure itself.

This matters in ways that extend beyond the obvious. It matters for records that need to be reliable across long time horizons. It matters for correspondence that may be referenced years or decades after it was created. It matters for institutions that need to maintain a consistent identity across leadership transitions, structural changes, and the ordinary passage of time. It matters for any context in which the address needs to mean something — not just today, but continuously.

The cost of the current model

We want to be honest about the full cost of the current model, which is not just the cost of renewals. Renewals are cheap. The actual cost is the cost of the infrastructure required to maintain compliance with the renewal cycle.

Consider what a careful operator has to do to manage domain risk under the current model. They need to maintain accurate contact records at their registrar, updated whenever email addresses change. They need to maintain valid payment details, updated whenever cards expire or accounts change. They need to set and monitor renewal calendars for every domain they operate. They need to verify that auto-renewal is active and functioning. They need to have a plan for organisational transitions that includes domain administration. They need to do all of this, for every domain they hold, indefinitely, without failure, forever.

For a large organisation with dedicated IT staff, this is manageable. It is part of the administrative overhead of operating in a digital environment, and it can be systematised. But for the majority of people and organisations that hold domains — the small businesses, the sole traders, the community groups, the families — this represents a significant and largely invisible burden. It is not the cost of the renewal fee. It is the cost of perpetual vigilance over an administrative requirement that should not exist.

The domain renewal cycle creates a class of risk that is both constant and avoidable. It is constant because it never goes away — there is always another renewal coming, always another opportunity for the cycle to break. It is avoidable because the technical infrastructure that makes permanent ownership possible exists. The choice to perpetuate the rental model is not a technical necessity. It is a commercial and structural choice. And it imposes real costs on real people.

What we built and why

We are Queenslanders. We built something for this place and for the people in it — not as a commercial proposition, but as an act of long-term thinking about what it means to have a digital home that is genuinely yours.

The addresses we have secured — .queensland, .qld, .brisbane, .surfersparadise, .gold-coast, .brisbane2032 — are not rentals. They are permanent. They are onchain. When someone registers a name on one of these extensions, that name belongs to them. Not for a year. Not until they forget to renew. Not until a payment card expires or an email goes to spam. Permanently. For life.

We did not build this because we thought domain renewals were a minor inconvenience. We built it because we spent enough time thinking about the anatomy of what happens when a rental address fails — the silent email outage, the parking page where a business used to be, the squatter waiting to capture something valuable the moment the owner’s attention lapses — and we concluded that this is not a problem people should have to manage. It is a problem that should not exist.

The case for permanent ownership is not complicated. You build something on an address. The address should be yours. Not conditionally, not provisionally, not subject to perpetual administrative compliance. Yours.

Everything that flows from that — the security, the continuity, the trust, the freedom from an entire category of risk — is downstream of that simple commitment to genuine ownership.

We believe that digital addresses for places that exist in the physical world, for communities that have names and histories and futures, should be held by the people who belong to those communities, not rented from intermediaries on annual terms. We believe that permanence is not a technical luxury. It is a basic feature of what it means to call something your own.

The internet is old enough now that we know what a domain is. It is not a temporary technical address. It is a name. And names should belong to the people who bear them.